This advisory is provided as a courtesy.
We would like to bring to your attention a newly discovered vulnerability affecting major Linux distributions, including Ubuntu and CentOS. It is a memory corruption vulnerability in Polkit's pkexec, a SUID-root program installed by default on every major Linux distribution. In its default configuration it allows any unprivileged local user to gain full root privileges on a vulnerable host. The vulnerability has been assigned CVE ID CVE-2021-4034.
Affected Software
All major Linux distributions, including Ubuntu, CentOS and Debian.
How to Fix the Problem
All major Linux distributions have made patches available, including Debian, Ubuntu and Red Hat. Run the following commands to install the latest patches, which fix the vulnerability.
On Ubuntu/Debian systems:
apt update
apt upgrade
On CentOS systems:
yum update
Workaround
For an OS without patches available, you can mitigate exploitation by removing the SUID bit from pkexec, e.g.:
# chmod 0755 /usr/bin/pkexec
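The following script is an added example written for this advisory (not the provider's own tooling): it checks whether a pkexec binary still carries the SUID bit and can apply the workaround above; the default path /usr/bin/pkexec is assumed.

```shell
#!/bin/sh
# Added example: verify and apply the pkexec SUID workaround for CVE-2021-4034.
# Assumes pkexec lives at /usr/bin/pkexec unless PKEXEC_PATH is set.

PKEXEC_PATH="${PKEXEC_PATH:-/usr/bin/pkexec}"

# Returns 0 when the file at $1 exists and has the set-user-ID bit,
# 1 otherwise (a missing file counts as "not exposed").
pkexec_suid_set() {
    [ -f "$1" ] && [ -u "$1" ]
}

# Prints a one-line status for the given path. Always returns 0 so it
# can be called under "set -e" without aborting the caller.
report_pkexec() {
    if pkexec_suid_set "$1"; then
        printf '%s: SUID bit present, host exposed until patched or workaround applied\n' "$1"
    else
        printf '%s: no SUID bit (missing, or workaround already applied)\n' "$1"
    fi
    return 0
}

# Applies the advisory's workaround (chmod 0755) and confirms the bit is gone.
# Needs root (or ownership of the file) to change the mode.
apply_workaround() {
    chmod 0755 "$1" && ! pkexec_suid_set "$1"
}

# Direct use: "sh pkexec-check.sh" to report, "sh pkexec-check.sh --fix" to fix.
report_pkexec "$PKEXEC_PATH"
if [ "${1:-}" = "--fix" ] && pkexec_suid_set "$PKEXEC_PATH"; then
    apply_workaround "$PKEXEC_PATH" && echo "workaround applied to $PKEXEC_PATH"
fi
```

Without the SUID bit pkexec cannot grant elevated privileges to any user, so legitimate pkexec use is unavailable until the distribution patch is installed.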
More Information
Trustwave Action Response: Polkit Privilege Escalation Vulnerability - PwnKit (CVE-2021-4034)
RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034)
Local Privilege Escalation in polkit’s pkexec
Request Assistance
If you are running a vulnerable Linux distribution and need our assistance to apply the patch or the workaround, we can do it for you for a one-time discounted fee of $10. Please submit your order at Order -> Additional Services -> Vulnerability Fix - LINUX & WINDOWS: OpenSSL, GNU C Library, Poodle SSLV3, Stack Clash, Optionsbleed, Polkit's pkexec Vulnerability - $10
Alternatively, first open a support ticket and give us the hostname, IP address and OS template. You can find this information on your servelet's control panel.
For example:
Hostname: yourservelethostname
IP Address: 103.25.202.81
OS Template: CentOS 7.2
Thank you.